OSS Leftovers

2018 was a rollicking fun year for open source, filled with highs, lows, and plenty of in-between. But what will 2019 hold for Linux and open source software? Let's shrug off the continued introductory dialog and prognosticate.

Since those first days, we’ve frequently seen developers reach the #1 spot in various app stores. We’ve seen apps that have received millions of downloads, and app developers who have made a full time career out of mobile app development. But for many, it’s also a challenging time. The mobile app market has become over saturated. There has been a race-to-the-bottom in app pricing. New challenges extend up the development toolchain and impact the quality of top app engines.

In this evolving industry landscape and these emerging challenges, change is good and necessary. With that in mind, we would like to introduce a big change for Corona. We have decided to get you — the developer community — more involved in Corona’s development, and open-source most of the engine. There are features you want, updates you need, and it’s simply time to get you more involved in Corona’s future. Corona Labs will continue to support the engine and going open source means more transparency to the process.

We are certain you will have a lot of questions about how this will work, and as we have more to share, we will be continuously sharing new details with you. Also, feel free to discuss this in our community forums and in the CDN Slack.

The European Telecommunication Standards Institute (ETSI) today released the latest version of its Open Source MANO (OSM) project. OSM is an operator-led group working on delivering an open source management and network orchestration (MANO) stack that aligns with ETSI NFV models. The latest code release from the group, Release FIVE, extends its capabilities to help operators toward 5G deployments.

OSM released its first code in 2016 and now has around 110 organizations, namely vendors and operators, participating in the project. This includes Accedian, Aricent, Oracle, Saudi Telecom, University College London — which are just a handful of the 18 that have joined in the last six months.

The group is developing a technology-agnostic stack that is enabled by a plugin framework. The newest code release furthers this framework toward transport technologies and maintains the project’s consistent modeling of NFV.

What are the main motivators for CSPs to embrace open source, and how does OpenStack fit into a multi-cloud and increasingly cloud native architecture? A recent survey from TelecomTV of CSPs found that avoidance of vendor lock-in and decreasing time to market were amongst the main reasons for embracing open source. A comprehensive 91 per cent of CSPs said they are either already using OpenStack or plan to deploy it in the near future. However, a majority felt that working with the open source community is easier for the Tier One operators than it is for the smaller tier two and threes, and almost three-quarters felt there were simply too many open source projects. Given these findings, how should CSPs work with open source and OpenStack in particular? Two of the leading CSPs in North America join the panel to discuss their experiences and give advice to others.

The last couple of years have been unexpectedly great in terms of popularizing cryptocurrencies as either means of payment or speculative investments. By now, it’s pretty common to find people who store their coins in software wallets. They are quick, easy to use, and very convenient for commerce. However, the issue at stake is that a very small amount of these wallets actually benefit from the security advantages of open source software. Therefore, this article aims to point out these bad choices and highlight the better alternatives.

The faux-open source choices.

If you randomly ask casual crypto enthusiasts about the software wallets they’re using, the most common responses you get include Jaxx, Exodus, and Coinomi. Though some of these do include parts that are open-sourced or borrow industry-standard elements, the final versions contain multiple additions to the code that cannot be reviewed by everybody in a GitHub repository.

There are several reasons why people use an application like Jaxx: the mobility factor (you can have your wallet on your phone as well as on your home computer), the intuitive interface, the advanced functions (such as instant Shapeshift or Changelly conversions), and the effective marketing behind the efforts. Just the idea of managing your entire crypto portfolio within the UI of a single application is appealing to lots of enthusiasts.

Earlier this week, I talked about the muscle memory monopoly Adobe and other vendors have on users. As we become more and more experienced with these commercial products, we also become more tied to them.

But they are expensive. Individual, non-student licenses for Adobe Creative Cloud can be upwards of $600 per year. While there are lower cost alternatives to many of the individual applications included in Creative Cloud, buying them can add up as well.

A number of you reached out to me asking what you could do if you wanted the capabilities of Creative Cloud, but didn't want to spend the money. In this gallery, we'll look at the 11 main Creative Cloud products and find (mostly) workable substitutes.

At the DockerCon Europe 2018 conference, Docker Inc. today announced it will make Docker Compose for Kubernetes available as an open source project. Docker Compose for Kubernetes was developed by Docker Inc. to make it easier to configure Kubernetes clusters running on top of the Docker Enterprise platform; now it is available to the broader Kubernetes community.

Company CTO Kal De told conference attendees that Docker Inc. would remain committed to leading the development of open source projects even as the company seeks to drive revenue via commercial software and services engagements with enterprise IT organizations. Today, Docker claims it has more than 650 commercial customers and is adding new customers at a rate of over 100 per quarter.

All throughout our lives we are reminded of events from the past. History teaches us about what happened before us to help us understand how society came to be as it is today. But today we live in a digital age, and while leaders, laws, wars and other parts of our history will always be important to know; what about software? Technology is everywhere and it is rapidly changing every day. Should we care about where it all started?

The Software Heritage was launched with a mission to collect, preserve and share all software source code that is publicly available. It is currently working towards building the largest global source code archive ever. The Software Heritage was founded by the French Institute for Research in Computer Science and Automation Inria, and it is backed by partners and supporters such as Crossminer, Qwant, Microsoft, Intel, Google and GitHub.

In a previous article I've announced my sponsorship project, where I offered to help a motivated young Linux Professional getting certified. I found an ideal candidate, and he has taken the RHCSA exam, and now we're ready to take the next step.

Santos Chibenga from Zambia is so engaged in the local Linux community in Zambia that we decided to host an event together: https://www.vieo.tv/event/linux-event-lusaka-zambia. In this event we will have local speakers, and I will educate nearly 200 participants to become LFCS certified. As we realised that this event was growing bigger than expected, we have opened the event for sponsors as well.

A Toyota security researcher on his flight from Japan here to London carried on-board a portable steel attaché case that houses the carmaker's new vehicle cybersecurity testing tool.

Takuya Yoshida, a member of Toyota's InfoTechnology Center, along with his Toyota colleague Tsuyoshi Toyama, are part of the team that developed the new tool, called PASTA (Portable Automotive Security Testbed), an open-source testing platform for researchers and budding car hacking experts. The researchers here today demonstrated the tool, and said Toyota plans to share the specifications on Github, as well as sell the fully built system in Japan initially.

To the scowling, sleep-deprived developers sniping at Amazon Web Services Inc. for slacking on open source: AWS is fed up. It’s put together a team devoted to upping open-source activity and is steadily contributing new software.

“We’re getting criticized for not making enough contributions,” said Adrian Cockcroft ‏(pictured), vice president of cloud architecture strategy at AWS. “But we’ve been making more, and we’re making more, and we’ll just keep making more contributions until people give credit for it.”

The Barcelona City Council is actively promoting the use and reuse of free software, open source solutions and open standards beyond their City Hall. This is outlined in the Barcelona Digital City strategy set by the Commissioner for Technology and Digital Innovation. To support this strategy, Barcelona has created an open source team to help internal departments that need to migrate to open source, providing them with digitally clear ethical standards, guidelines and best practices, as well as, supporting them throughout the whole process, including licencing and publishing the solutions on the municipal’s GitHub space. The Barcelona City Council Open Source Team also started to actively promote a citywide FLOSS community and the dissemination of their solutions on platforms such as Joinup, to ensure they reach the maximum number of people and public sector organisations.

DISC Committee members went all out to spread the word for this Sprint and the effort really paid off!

We reached out to folks across a number of different channels including dev/color, Techqueria, Taiwanese Data Professionals, and PyLadies. Even managed to include a blurb at PyData NYC during the Panel Discussion: My First Open Source Contribution.

You probably found this tutorial because you want to send emails using Python. Perhaps you want to receive email reminders from your code, send a confirmation email to users when they create an account, or send emails to members of your organization to remind them to pay their dues. Sending emails manually is a time-consuming and error-prone task, but it’s easy to automate with Python.

More in Tux Machines

today's leftovers

For those concerned that running Clear Linux means less available packages/bundles than the likes of Debian, Arch Linux, and Fedora with their immense collection of packaged software, Clear has a goal this year of increasing their upstream components available on the distribution by three times.
Intel Fellow Arjan van de Ven provided an update on their bundling state/changes for the distribution. In this update he shared that the Clear Linux team at Intel established a goal this year to have "three times more upstream components in the distro. That's a steep growth, and we want to do that with some basic direction and without reducing quality/etc. We have some folks figuring out what things are the most desired that we lack, so we can add those with most priority... but this is where again we more than welcome feedback."

You might think this annual poll would be fairly similar from year to year, from what distros we list to how people answer, but the results are wildly different from year to year.
(At the time of the creation of each poll, we pull the top 15 distributions according to DistroWatch over the past 12 months.)
Last year, the total votes tallied in at 15,574! And the winner was PCLinuxOS with Ubuntu a close second. Another interesting point is that in 2018, there were 950 votes for "other" and 122 comments compared to this year with only 367 votes for "other" and 69 comments.

Fedora operating system releases are (largely) time-based activity where a new base operating system (kernel, libraries, compilers) is built and tested against our Editions for functionality. This provides a new source for solutions to be built on. The base operating systems may continue to be maintained on the current 13 month life cycle — or services that extend that period may be provided in the future. A solution is never obligated to build against all currently maintained bases.

If you've lived through a major, natural disaster, you know that during the first few days you'll probably have to rely on a mental map, instead of using a smartphone as an extension of your brain. Where's the closest hospital with disaster care? What about shelters? Gas stations? And how many soft story buildings—with their propensity to collapse—will you have to zig-zag around to get there?
Trying to answer these questions after moving back to earthquake-prone San Francisco is why I started the Resiliency Maps project. The idea is to store information about assets, resources, and hazards in a given geographical area in a map that you can download and print out. The project contributes to and is powered by OpenStreetMap (OSM), and the project's entire toolkit is open source, ensuring that the maps will be available to anyone who wants to use them.

Drupal is the third most-widely used CMS behind WordPress and Joomla. With an estimated 3 percent to 4 percent of the world's billion-plus websites, that means Drupal runs tens of millions of sites. Critical flaws in any CMS are popular with hackers, because the vulnerabilities can be unleashed against large numbers of sites with a single, often-easy-to-write script.

Bradley Kuhn works for the Software Freedom Conservancy (SFC) and part of what that organization does is to think about the problems that software freedom may encounter in the future. SFC worries about what will happen with the four freedoms as things change in the world. One of those changes is already upon us: the Internet of Things (IoT) has become quite popular, but it has many dangers, he said. Copyleft can help; his talk is meant to show how.
It is still an open question in his mind whether the IoT is beneficial or not. But the "deep trouble" that we are in from IoT can be mitigated to some extent by copyleft licenses that are "regularly and fairly enforced". Copyleft is not the solution to all of the problems, all of the time—no idea, no matter how great, can be—but it can help with the dangers of IoT. That is what he hoped to convince attendees with his talk.
A joke that he had seen at least three times at the conference (and certainly before that as well) is that the "S" in IoT stands for security. As everyone knows by now, the IoT is not about security. He pointed to some recent incidents, including IoT baby monitors that were compromised by attackers in order to verbally threaten the parents. This is "scary stuff", he said.

Pat decided to update the Python 3 to version 3.7.2. This update from 3.6 to 3.7 broke binary compatibility and a lot of packages needed to be rebuilt in -current. But you all saw the ChangeLog.txt entry of course.
In my ‘ktown’ repository with Plasma5 packages, the same needed to happen. I have uploaded a set of recompiled packages already, so you can safely upgrade to the latest -current as long as you also upgrade to the latest ‘ktown’. Kudos to Pat for giving me advance warning so I could already start recompiling my own stuff before he uploaded his packages.

The KDE Community has just announced the wider integration of Matrix instant messaging into its communications infrastructure. There are instructions on the KDE Community Wiki as well.
So what’s the state of modern chat with KDE-FreeBSD?
The web client works pretty well in Falkon, the default browser in a KDE Plasma session on FreeBSD. I don’t like leaving browsers open for long periods of time, so I looked at the available desktop clients. Porting Quaternion to FreeBSD was dead simple. No compile warnings, nothing, just an hour of doing some boilerplate-ish things, figuring out which Qt components are needed, and doing a bunch of test builds. So that client is now available from official FreeBSD ports. The GTK-based client Fractal was already ported, so there’s choices available for native-desktop applications over the browser or Electron experience.

If you followed Kdenlive’s activity these last years, you know that we dedicated all our energy into a major code refactoring. During this period, which is not the most exciting since our first goal was to simply restore all the stable version’s features, we were extremely lucky to see new people joining the core team, and investing a lot of time in the project.
We are now considering to release the updated version in April, with KDE Applications 19.04. There are still a few rough edges and missing features (with many new ones added as well), but we think it now reached the point where it is possible to start working with it.

Preliminary Support Allows Linux KVM To Boot Xen HVM Guests

As one of the most interesting patch series sent over by an Oracle developer in quite a while at least on the virtualization front, a "request for comments" series was sent out on Wednesday that would enable the Linux Kernel-based Virtual Machine (KVM) to be able to boot Xen HVM guests.
The 39 patches touching surprisingly just over three thousand lines of code allow for Linux's KVM to run unmodified Xen HVM images as well as development/testing of Xen guests and Xen para-virtualized drivers. This approach is different from other efforts in the past of tighter Xen+KVM integration.

Servers: Kubernetes, SUSE Enterprise Storage and Microsoft/SAP

One of the questions I get asked quite often by people who are just starting or are simply not used to the “new” way things are done in IT is, “What is the cloud?” This, I think, is something you get many different answers to depending on who you ask. I like to think of it this way: The cloud is a grouping of resources (compute, storage, network) that are available to be used in a manner that makes them both highly available and scalable, either up or down, as needed. If I have an issue with a resource, I need to be able to replace that resource quickly — and this is where containers come in. They are lightweight, can be started quickly, and allow us to focus a container on a single job. Containers are also replaceable. If I have a DB container, for instance, there can’t be anything about it that makes it “special” so that when it is replaced, I do not lose operational capability.

As your data needs continue to expand, it’s important to have a storage solution that’s both scalable and easy to manage. That’s particularly true when you’re managing common gateway resources like iSCSI that provide interfaces to storage pools built in Ceph. In this white paper, you’ll see how to use the SUSE Enterprise Storage openATTIC management console to create RADOS block devices (RBDs), pools and iSCSI interfaces for use with Linux, Windows and VMware systems.